Intrusion Detection for Industrial Control Systems by Machine Learning using Privileged Information
Pordelkhaki, Moojan and Fouad, Shereen and Josephs, Mark (2021) Intrusion Detection for Industrial Control Systems by Machine Learning using Privileged Information. In: 19th Annual IEEE International Conference on Intelligence and Security Informatics (ISI), 02-03 Nov 2021, San Antonio, Texas, USA.
|
Text
Cyber_Anomaly_Detection_in_SWaT_Using_Auxiliary_Data_for_IEEE_ISI_2021_CameraReady_.pdf - Accepted Version Download (1MB) |
Abstract
The continuous operation of an industrial process, such as water treatment or power generation, is governed by an Industrial Control System (ICS). Cyber attacks on industrial networks are of growing concern because of the disruption they can cause, leading to loss of revenue, and the possibility of harm to workers, plant and surroundings. Operators therefore need a Network Intrusion Detection System (NIDS) to analyse industrial network traffic in real time for adversarial behaviour. Machine Learning (ML) is applicable to the problem of network intrusion detection. This paper investigates the possibility of training an ML-based NIDS for an ICS (specifically, the well-known Secure Water Treatment testbed) by combining network traffic data and physical process data. In the supplied dataset, data had already been labelled “according to normal and abnormal behaviours”; the labelling of data collected around the start and end of each attack was scrutinized and, where found to be problematic, labelled data were excluded in order to improve the effectiveness of supervised learning. The ML technique of “Learning using Privileged Information” was evaluated and found to be superior to six baseline ML algorithms trained on network traffic data alone.
Item Type: | Conference or Workshop Item (Paper) | ||||||
---|---|---|---|---|---|---|---|
Identification Number: | https://doi.org/10.1109/ISI53945.2021.9624757 | ||||||
Dates: |
|
||||||
Uncontrolled Keywords: | Network Intrusion Detection System, Industrial Control System, Machine Learning, Learning using Privileged Information | ||||||
Subjects: | CAH10 - engineering and technology > CAH10-01 - engineering > CAH10-01-09 - chemical, process and energy engineering CAH11 - computing > CAH11-01 - computing > CAH11-01-05 - artificial intelligence |
||||||
Divisions: | Faculty of Computing, Engineering and the Built Environment > School of Computing and Digital Technology | ||||||
Depositing User: | Mark Josephs | ||||||
Date Deposited: | 21 Oct 2021 09:57 | ||||||
Last Modified: | 30 Nov 2022 03:00 | ||||||
URI: | https://www.open-access.bcu.ac.uk/id/eprint/12318 |
Actions (login required)
View Item |